03-安全配置指导-公钥管理配置.pdfVIP

目 录 1 公钥管理 ······················································································································ 1-1  1.1 简介 ························································································································ 1-1  1.2 公钥管理配置任务简介 ································································································· 1-2  1.3 配置本地非对称密钥对 ································································································· 1-2  1.3.1 生成本地非对称密钥对 ························································································ 1-2  1.3.2 显示或导出本地非对称密钥对中的主机公钥 ····························································· 1-3  1.3.3 销毁本地非对称密钥对 ························································································ 1-4  1.4 配置远端主机的公钥 ···································································································· 1-5  1.5 公钥管理显示和维护 ···································································································· 1-6  1.6 公钥管理典型配置举例 ································································································· 1-6  1.6.1 手工配置远端主机的公钥 ····················································································· 1-6  1.6.2 从公钥文件中导入远端主机的公钥 ········································································· 1-8  i 1 公钥管理 1.1 简介 如 图 1-1 所示，为了保证数据在网络中安全传输、不被攻击者非法窃听和恶意篡改，发送方在发送 数据之前需要对数据进行加密处理，即通过一定的算法，利用密钥将明文数据变换为密文数据；接 收方接收到密文数据后，需要对其进行解密处理，即通过一定的算法，利用密钥将密文数据恢复为 明文数据，以获得原始数据。其中，密钥是一组特定的字符串，是控制明文和密文转换的唯一参数， 起到“钥匙”的作用。 图1-1 加密和解密转换关系示意图 发送方 密钥 密钥 接收方 明文 密文